4081f3bf3d26b6d6c1965015cb2e2a26eb9710212523f35d7555a2fc021d1450

Analysis

max time kernel
120s
max time network
125s
platform
windows7_x64
resource
win7-20231020-en
resource tags

arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
submitted
13/11/2023, 18:48

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

4081f3bf3d26b6d6c1965015cb2e2a26eb9710212523f35d7555a2fc021d1450.exe
Size

4.1MB
MD5

5425b3dc164685115b04884c0e65923f
SHA1

ca05cb9b99a73189d36be1098de799a112e563aa
SHA256

4081f3bf3d26b6d6c1965015cb2e2a26eb9710212523f35d7555a2fc021d1450
SHA512

a34a61ce72c38a26beb85978841ca25d5f733e0e73ade5126518696a181fe600f8ebdc66b45a8b5a4036fcd4ba7b27a059a5743aed67d1accffeec47a1ac01ae
SSDEEP

49152:Wb2XfWHdZ8BhE7K2dEj9GY+r5u8QeKxFOJxdb4vZKVe:U2XeHdZChmK2dZKdzOJDb4v+e

Score

8^/10

Malware Config

Signatures

Downloads MZ/PE file

Loads dropped DLL 2 IoCs

pid	Process
2020	4081f3bf3d26b6d6c1965015cb2e2a26eb9710212523f35d7555a2fc021d1450.exe
2020	4081f3bf3d26b6d6c1965015cb2e2a26eb9710212523f35d7555a2fc021d1450.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2020	4081f3bf3d26b6d6c1965015cb2e2a26eb9710212523f35d7555a2fc021d1450.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2020	4081f3bf3d26b6d6c1965015cb2e2a26eb9710212523f35d7555a2fc021d1450.exe

C:\Users\Admin\AppData\Local\Temp\4081f3bf3d26b6d6c1965015cb2e2a26eb9710212523f35d7555a2fc021d1450.exe
"C:\Users\Admin\AppData\Local\Temp\4081f3bf3d26b6d6c1965015cb2e2a26eb9710212523f35d7555a2fc021d1450.exe"
1⤵
- Loads dropped DLL
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2020

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\Cab6172.tmp

Filesize
61KB

MD5
f3441b8572aae8801c04f3060b550443

SHA1
4ef0a35436125d6821831ef36c28ffaf196cda15

SHA256
6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

SHA512
5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

Download Submit
C:\Users\Admin\AppData\Local\Temp\lite_installer.log

Filesize
5KB

MD5
11d06dd163e58744042cc2d00671e3ae

SHA1
57886f6d99f5ce25efddce8c93cbcf3d2cf576d1

SHA256
f5117a2def7db04cce62c5c20e494bf9f366a3e599b7d2a7ab1c597746e0427a

SHA512
e355deb2f4fc1b8c4d2f8f370f3e81ecb62b999a0fc8651b4c9c86be9d51cb1b28b9b033ab875053862249858cb9dc77c241255a024f985a0313dbe6fb0890d7

Download Submit
C:\Users\Admin\AppData\Roaming\Yandex\ui

Filesize
38B

MD5
68491f73a422420b22b7f4a1dc23c63b

SHA1
97dcca790597c49bf6176fdbb028fdaa963eeb26

SHA256
c3984683471715187a373e89220165067e46597940ea07600995ffb9397e206a

SHA512
89ee9878c9338b3d96dc22d247a57813baff8f9063e6ee4ede16b300b52b5cfc30d237662bfe3a524e5f11f576ff157cbd4446d25b420660490aaf79e2dcbf4d

Download Submit
\Users\Admin\AppData\Local\Temp\yb5D4C.tmp

Filesize
155.2MB

MD5
bff5e7499c471625725a2e6c81949d39

SHA1
c4f57b4c59e1c3353936fbb7403335aee65d8451

SHA256
a3fcea5933dc50cc1186bd28969a562b56af0f543b0f22eb8fd23e686dd29796

SHA512
09c3a8a7d33adfd35a74526ae9c3e015139070a44aa70632e1b578938699f0b6b45038feadcdb9455607ea68237d90bd9b6b6548ba24de0447a438184942d8cc

Download Submit
\Users\Admin\AppData\Local\Temp\yb5D4C.tmp

Filesize
155.2MB

MD5
bff5e7499c471625725a2e6c81949d39

SHA1
c4f57b4c59e1c3353936fbb7403335aee65d8451

SHA256
a3fcea5933dc50cc1186bd28969a562b56af0f543b0f22eb8fd23e686dd29796

SHA512
09c3a8a7d33adfd35a74526ae9c3e015139070a44aa70632e1b578938699f0b6b45038feadcdb9455607ea68237d90bd9b6b6548ba24de0447a438184942d8cc

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads